Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
File:                     QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft (raw, json)
Hash identifier:          LlYouE2zpAFfP2gFPp/x3092/eITwafm97W84rcnfvA=
Subject key identifier:   D3:D0:C3:A4:5A:8B:76:F9:C9:DB:79:B2:7A:7F:52:38:98:68:6A:8F
Authority key identifier: 43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6
Certificate issuer:       /CN=431c57e1921d31a34aebd12e507a136fe04598c6
Certificate serial:       01988A69D6D0F6885934E713C3B53634A8F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
Manifest number:          03DF
Signing time:             Fri 08 Aug 2025 16:00:48 +0000
Manifest this update:     Fri 08 Aug 2025 16:00:48 +0000
Manifest next update:     Sat 09 Aug 2025 16:00:48 +0000
Files and hashes:         1: QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl (hash: mip68GOBgsx0VprWh8YkLRZUWpairZRwXSZROhzGWzY=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 09 Aug 2025 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:8a:69:d6:d0:f6:88:59:34:e7:13:c3:b5:36:34:a8:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=431c57e1921d31a34aebd12e507a136fe04598c6
        Validity
            Not Before: Aug  8 16:00:48 2025 GMT
            Not After : Aug  9 16:00:48 2025 GMT
        Subject: CN=d3d0c3a45a8b76f9c9db79b27a7f523898686a8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:6e:80:eb:87:d0:c9:b3:b1:fb:07:28:e5:18:
                    77:ed:16:a9:ea:f2:2d:ec:b2:5c:01:69:97:24:fa:
                    e9:f3:5c:8f:a0:c8:17:d5:68:01:4f:62:5d:48:47:
                    75:b7:19:93:ac:f4:df:e1:66:71:a8:05:1d:7f:d4:
                    90:2b:b7:72:28:a3:ee:f2:b5:ab:4f:de:d6:12:46:
                    95:cf:29:17:ba:59:d8:a8:6a:04:e4:2c:4b:43:a7:
                    dc:56:3c:96:ce:c6:3c:b0:28:68:79:ff:3b:48:b8:
                    1c:74:26:8f:0e:2e:51:c2:b0:30:1d:36:f0:44:3c:
                    f2:82:e0:9d:45:67:1a:51:a8:80:34:df:db:a3:66:
                    d4:77:1a:a1:da:13:5c:6c:57:38:22:6a:d4:62:bf:
                    a4:0f:b7:39:bb:47:be:9f:5f:6d:7a:99:8a:13:e7:
                    d0:e3:53:4e:1d:58:46:d8:1d:6e:3a:27:a1:d7:6c:
                    62:a1:fa:51:98:fa:01:5d:77:36:dd:4e:eb:e8:48:
                    de:71:18:a5:50:36:e1:b4:9f:86:86:f2:4c:81:e3:
                    ca:f4:cb:f4:12:50:af:f2:e7:f1:d6:d7:3e:9f:f5:
                    4b:5e:a5:3b:be:e8:1f:c8:95:27:9e:e7:be:a7:18:
                    1c:8b:9a:2b:60:64:43:20:21:65:9e:b5:2e:03:66:
                    dc:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:D0:C3:A4:5A:8B:76:F9:C9:DB:79:B2:7A:7F:52:38:98:68:6A:8F
            X509v3 Authority Key Identifier:
                keyid:43:1C:57:E1:92:1D:31:A3:4A:EB:D1:2E:50:7A:13:6F:E0:45:98:C6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QxxX4ZIdMaNK69EuUHoTb-BFmMY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/0f1aaf-b173-4ce1-bcba-cc353ebacba6/1/QxxX4ZIdMaNK69EuUHoTb-BFmMY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:69:8e:8a:be:0f:12:1c:08:ff:a5:f1:3d:41:6c:de:1b:58:
         63:86:f1:2f:07:4b:c9:6b:ca:20:78:05:f7:3a:94:7c:ba:52:
         52:c8:40:c9:3c:b0:f8:f9:9a:77:a8:9c:b5:fd:f8:9d:5d:e8:
         2a:0f:51:19:38:41:44:12:5e:6a:5b:39:e8:f1:64:39:9d:b0:
         ab:09:ba:e0:c5:9a:35:b9:0d:f4:d8:bf:44:bc:3e:77:70:cf:
         66:fe:92:3b:8b:92:e0:51:b1:84:cc:dd:16:2c:b4:3f:d2:ed:
         46:ec:7d:62:e6:3d:1a:4c:7e:1c:50:08:b8:21:26:e2:36:b8:
         85:c2:6c:a6:40:29:ef:21:a5:38:c0:f2:34:1a:b1:66:75:55:
         c5:2c:2e:b1:a1:2d:ff:b0:d0:4d:ff:6c:61:de:42:48:d5:1b:
         b4:fd:ed:da:ec:4d:42:66:d4:1a:00:0c:12:a1:7b:7f:ff:09:
         03:b1:d5:49:2b:04:dd:6c:05:c0:2e:be:62:90:8c:8c:86:cb:
         17:4a:e7:81:cd:29:37:c9:52:2d:ea:a0:41:39:19:ca:ac:44:
         e9:41:16:30:52:2d:57:e2:ef:9f:18:96:17:aa:b4:71:b8:c5:
         ff:02:ba:31:78:e0:40:7f:55:52:dd:40:46:b0:25:bb:0b:9a:
         0b:44:22:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKadbQ9ohZNOcTw7U2NKj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMWM1N2UxOTIxZDMxYTM0YWViZDEyZTUwN2ExMzZmZTA0
NTk4YzYwHhcNMjUwODA4MTYwMDQ4WhcNMjUwODA5MTYwMDQ4WjAzMTEwLwYDVQQD
EyhkM2QwYzNhNDVhOGI3NmY5YzlkYjc5YjI3YTdmNTIzODk4Njg2YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW6A64fQybOx+wco5Rh37Rap6vIt
7LJcAWmXJPrp81yPoMgX1WgBT2JdSEd1txmTrPTf4WZxqAUdf9SQK7dyKKPu8rWr
T97WEkaVzykXulnYqGoE5CxLQ6fcVjyWzsY8sChoef87SLgcdCaPDi5RwrAwHTbw
RDzyguCdRWcaUaiANN/bo2bUdxqh2hNcbFc4ImrUYr+kD7c5u0e+n19tepmKE+fQ
41NOHVhG2B1uOieh12xiofpRmPoBXXc23U7r6EjecRilUDbhtJ+GhvJMgePK9Mv0
ElCv8ufx1tc+n/VLXqU7vugfyJUnnue+pxgci5orYGRDICFlnrUuA2bc8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPQw6Rai3b5ydt5snp/UjiYaGqPMB8GA1UdIwQY
MBaAFEMcV+GSHTGjSuvRLlB6E2/gRZjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEt
Y2MzNTNlYmFjYmE2LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wZjFhYWYtYjE3My00Y2UxLWJjYmEtY2MzNTNlYmFjYmE2
LzEvUXh4WDRaSWRNYU5LNjlFdVVIb1RiLUJGbU1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWmOir4P
EhwI/6XxPUFs3htYY4bxLwdLyWvKIHgF9zqUfLpSUshAyTyw+Pmad6ictf34nV3o
Kg9RGThBRBJeals56PFkOZ2wqwm64MWaNbkN9Ni/RLw+d3DPZv6SO4uS4FGxhMzd
Fiy0P9LtRux9YuY9Gkx+HFAIuCEm4ja4hcJspkAp7yGlOMDyNBqxZnVVxSwusaEt
/7DQTf9sYd5CSNUbtP3t2uxNQmbUGgAMEqF7f/8JA7HVSSsE3WwFwC6+YpCMjIbL
F0rngc0pN8lSLeqgQTkZyqxE6UEWMFItV+LvnxiWF6q0cbjF/wK6MXjgQH9VUt1A
RrAluwuaC0Qi1Q==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:22:19 2025 by rpki-client